diff --git a/.gitignore b/.gitignore index c661092..e665cfd 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -mod_fcgid-2.3.5.tar.bz2 +/mod_fcgid-2.3.6.tar.bz2 diff --git a/mod_fcgid.spec b/mod_fcgid.spec index ab69b5d..fe64693 100644 --- a/mod_fcgid.spec +++ b/mod_fcgid.spec @@ -1,8 +1,8 @@ # Fedora 5, 6, and 7 versions includes SELinux policy module package # Fedora 8 and 9 versions include policy in errata selinux-policy releases # Fedora 10 onwards include policy in standard selinux-policy releases -# RHEL 5.5 onwards will include policy in standard selinux-policy releases -%if 0%{?fedora}%{?rhel} < 5 || 0%{?fedora} > 7 || 0%{?rhel} > 5 +# RHEL 5.5 onwards include policy in standard selinux-policy releases +%if 0%{?fedora} < 5 || 0%{?fedora} > 7 || 0%{?rhel} %global selinux_module 0 %global selinux_types %{nil} %global selinux_variants %{nil} @@ -15,8 +15,8 @@ %endif Name: mod_fcgid -Version: 2.3.5 -Release: 2%{?dist} +Version: 2.3.6 +Release: 1%{?dist} Summary: FastCGI interface module for Apache 2 Group: System Environment/Daemons License: ASL 2.0 @@ -32,13 +32,15 @@ Patch0: mod_fcgid-2.3.4-fixconf-shellbang.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: httpd-devel >= 2.0, pkgconfig Requires: httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && %{__cat} %{_includedir}/httpd/.mmn || echo missing) +# sed required for fixconf script +Requires: /bin/sed # Make sure that selinux-policy is sufficiently up-to-date if it's installed -## FastCGI policy properly incorporated into EL 5.5 (not yet available) -#%if "%{?rhel}" == "5" -#Conflicts: selinux-policy < 2.4.6-257.el5 -## No provide here because selinux-policy >= 2.4.6-203.el5 does the providing -#Obsoletes: mod_fcgid-selinux <= %{version}-%{release} -#%endif +# FastCGI policy properly incorporated into EL 5.5 +%if "%{?rhel}" == "5" +Conflicts: selinux-policy < 2.4.6-279.el5 +# No provide here because selinux-policy >= 2.4.6-279.el5 does the providing +Obsoletes: mod_fcgid-selinux <= %{version}-%{release} +%endif %if "%{?fedora}" == "8" Conflicts: selinux-policy < 3.0.8-123.fc8 %endif @@ -62,7 +64,7 @@ as possible. Summary: SELinux policy module supporting FastCGI applications with mod_fcgid Group: System Environment/Base BuildRequires: %{selinux_buildreqs} -# selinux-policy is required for directory ownership of %{_datadir}/selinux/* +# selinux-policy is required for directory ownership of %%{_datadir}/selinux/* # Modules built against one version of a policy may not work with older policy # versions, as noted on fedora-selinux-list: # http://www.redhat.com/archives/fedora-selinux-list/2006-May/msg00102.html @@ -110,7 +112,7 @@ done %{__install} -D -m 644 fcgid.conf %{buildroot}%{_sysconfdir}/httpd/conf.d/fcgid.conf %{__install} -d -m 755 %{buildroot}%{_localstatedir}/run/mod_fcgid -# Include the manual as %doc, don't need it elsewhere +# Include the manual as %%doc, don't need it elsewhere %{__rm} -rf %{buildroot}%{_var}/www/manual # Install SELinux policy modules @@ -171,6 +173,17 @@ exit 0 %endif %changelog +* Thu Nov 4 2010 Paul Howarth 2.3.6-1 +- Update to 2.3.6 (see CHANGES-FCGID for full details) + - Fix possible stack buffer overwrite (CVE-2010-3872) + - Change the default for FcgidMaxRequestLen from 1GB to 128K; administrators + should change this to an appropriate value based on site requirements + - Correct a problem that resulted in FcgidMaxProcesses being ignored in some + situations + - Return 500 instead of segfaulting when the application returns no output +- Don't include SELinux policy for RHEL-5 builds since RHEL >= 5.5 includes it +- Explicitly require /bin/sed for fixconf script + * Tue Jun 8 2010 Paul Howarth 2.3.5-2 - SELinux policy module not needed for RHEL-6 onwards diff --git a/sources b/sources index b5c65e1..37d7d45 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -640a49c9ddf8596bd913835118b4a6aa mod_fcgid-2.3.5.tar.bz2 +30ee138f3f0eb1c55303400748f128a2 mod_fcgid-2.3.6.tar.bz2